Ciphering algorithms may be used to encrypt/decrypt plaintext information exchanged between two parties during an encrypted communication session. Before the encrypted communication session begins, the parties may participate in a key exchange procedure to establish which cipher key will be used for the session. During the key exchange procedure, one of the parties (the “key provider”) will generally attempt to securely communicate the cipher key to the other party (the “key requester”) over a public channel.
There are several types of conventional key exchange procedures presently available. One such type relies on a transport layer security (TLS) connection to communicate a cipher key over a public channel. Although relatively secure, establishing the TLS connection over the public channel may generally require the key requester and the key provider to exchange several handshakes, and as a result TLS-based procedures generally experience more latency and overhead than other procedures.
Another type of key exchange procedure relies on pre-shared symmetrical keys instead of dynamically allocating and exchanging a cipher key each time a communication session is initiated. The pre-shared symmetrical keys are generally shared by the key provider and the key requester through a secure channel, and may remain unchanged for a period of time (e.g., Wi-Fi Protected Access (WPA) encryption mode for home and small office networks). Because both the key requester and the key provider have to maintain the pre-shared keys, protocols that rely on pre-shared keys generally have significantly more key management overhead (typically, approximately twice the overhead) than protocols in which keys are managed solely by the key provider. As a result, key exchange procedures that rely on pre-shared keys may face scalability challenges that render them unsuitable for larger networks.
Yet another type of key exchange procedure relies on a third party certification authority (CA) to certify the cipher key exchange between the key requester and key provider. However, key exchange procedures that rely on third party CAs may be unsuitable for enterprise networks with high security requirements because they require the operator to trust a third party, as well as because the verification certificates issued by the third party CA generally require an internet connection, which may constitute an additional security vulnerability for isolated enterprise networks (e.g., enterprise intranet).
For these reasons, new key exchange procedures that have less latency than key exchange procedures that rely on TLS connections, less overhead than key exchange procedures that rely on pre-shared keys, and better cipher-key securitization than key exchange procedures that rely on third party CAs are desired.